b8c9f7803d7a79c8985085c8fd26311d | Triage

Sharing

General

Target

b8c9f7803d7a79c8985085c8fd26311d
Size

192KB
MD5

b8c9f7803d7a79c8985085c8fd26311d
SHA1

7c77f37178523abbba78130a5a2c045d3ff1f3ed
SHA256

fd22b1ac665c1ae0a3315a13f7f52bc0184cb40ebd94eeb761f1046298b38548
SHA512

2478d793d18ccf364a36b611b8a9a2f83527081d163ad491854b34948866bf474c1ca80734a69a77d4828504445dda4e799ff09d344e820475392c275af929dd
SSDEEP

3072:YewVjEHsj0ipMtaBwEGE7VZt+0JU8sUw8AoO7I8AC:txC0ipMta3VnHm8sUe7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8c9f7803d7a79c8985085c8fd26311d

Files

b8c9f7803d7a79c8985085c8fd26311d
.exe windows:4 windows x86 arch:x86

e86e1b5067d1d47ec1d18f2c73259d99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
SizeofResource
CreateFileA
DeleteFileA
SetFileAttributesA
LockResource
LoadResource
FindResourceA
TerminateProcess
OpenProcess
GetCurrentProcessId
MoveFileExA
CreateProcessA
FreeLibrary
ExitProcess
GetModuleHandleA
GetVersion
GetModuleFileNameA
Sleep
WaitForSingleObject
GetSystemDirectoryA
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap

user32

wvsprintfA

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE